www/includes/db_profile_mash.php@ccb9f24d0fe9
www/includes/db_profile_mash.php
Wed, 20 May 2020 21:49:09 +0200
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Wed, 20 May 2020 21:49:09 +0200
- changeset 684
- ccb9f24d0fe9
- parent 215
- 83cee005d2d9
- child 716
- 57118e6a4bdb
- permissions
- -rw-r--r--
Report any online status change via websocket broadcast. When starting, load all in memory tables sorted. The websocket status on the web pages has it's own panel. Prepared the menu system for dynamic updates.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); $escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c"); $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); $rescapers = array("'"); $rreplacements = array("\\'"); $disallowed = array('visibleindex','uniqueid','boundindex','uid'); if (isset($_POST['insert']) || isset($_POST['update'])) { if (isset($_POST['insert'])) { $sql = "INSERT INTO"; } if (isset($_POST['update'])) { $sql = "UPDATE"; } $sql .= " `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $array = $_POST['steps']; $comma = FALSE; $steps = '['; foreach($array as $key => $item) { /* * Manual encode to json. This eliminates the wrong UTF-8 encodings * but also removes the unwanted fields. */ if ($comma) $steps.= ','; $steps .= '{"step_name":"' . str_replace($rescapers,$rreplacements,$item['step_name']); $steps .= '","step_type":' . $item['step_type']; $steps .= ',"step_temp":' . $item['step_temp']; $steps .= ',"end_temp":' . $item['end_temp']; $steps .= ',"step_time":' . $item['step_time']; $steps .= ',"ramp_time":' . $item['ramp_time'] . '}'; $comma = TRUE; } $steps .= ']'; $sql .= "', steps='" . $steps; if (isset($_POST['insert'])) { $sql .= "';"; } if (isset($_POST['update'])) { $sql .= "' WHERE record='" . $_POST['record'] . "';"; } syslog(LOG_NOTICE, $sql); $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); } else { if (isset($_POST['update'])) { syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_POST['record']); } else { $lastid = mysqli_insert_id($connect); syslog(LOG_NOTICE, "db_profile_mash: inserted record ".$lastid); } } echo $result; } else if (isset($_POST['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `profile_mash` WHERE record='".$_POST['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_POST['record']); } echo $result; } else { // SELECT COMMAND $query = "SELECT * FROM profile_mash ORDER BY name"; $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); $mashprofiles = '['; $comma = FALSE; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { // Manual encode to JSON. if ($comma) { $mashprofiles .= ','; } $comma = TRUE; $mashprofiles .= '{"record":' . $row['record']; $mashprofiles .= ',"name":"' . str_replace($escapers, $replacements, $row['name']); $mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']); $mashprofiles .= '","steps":' . $row['steps']; $mashprofiles .= '}'; } $mashprofiles .= ']'; header("Content-type: application/json"); echo $mashprofiles; } ?>
